How hackers trick WhatsApp users to make a call while they hijack the account

Written By DNA Web Team | Updated: May 27, 2022, 05:34 PM IST

(Image Source: Reuters)

Hackers call up their targets and asks them to call on numbers starting with 67 or 405. Read what happens next when the users do so.

With more internet usage, hacking has become fairly common these days. Be it bank accounts or social media accounts, nothing is safe till we remain alert. Recently, security researchers have detected a new scam on the populat messaging platform WhatsApp. 

This new scam enables hackers to gain control of WhatsApp user accounts using a simple phone call.

Read | Download driving licence, vehicle registration certificate on WhatsApp, here’s how

How it operates?

Hackers call up their targets and asks them to call on numbers starting with 67 or 405 - **67*<10 digit number> or *405*<10 digit number> on some pretext.

Once the person makes a call in the number, they are logged out of their WhatsApp accounts and hackers gain complete control of their accounts within seconds. 

CloudSEK founder explains, the number that victims dial is a service request for Jio and Airtel for 'call forwarding' for when your number is busy or engaged.

This way they are able to forward victims' calls to a number that they own. In the meantime, the attackers start the WhatsApp registration process.

They then choose the option to send OTP via a phone call. Since the phone is engaged, the OTP will go to the attacker's phone, security researcher said.

The best and the easiest way to not fall prey to this trick is by not responding to calls from unknown numbers or making calls to unknown numbers.